Wildcard search based on a field like Splunk?

Elastic Stack Kibana
1

Hello,

Sorry if this has been posted before, I couldn't find.

We are currently using Splunk but moving to Elastic / Kibana. On Splunk, we have some Fields in the dashboard, and when we search for a value, the search supports simply wildcard in that field (e.g. I search for email@*).

image

On Elastic / Kibana I am able to do a wildcard query of course, but it is not very user friendly, and the only fields I have are the Control Labels in Visualization, but their are based on strict values found in the logs.

image

Any way to reproduce this here?

Thanks!

2

appreciate the feedback. on the controls front I think this is a good suggestion. we're doing active work in this area but this isn't on the list. will add it and discuss with the team [Controls] [Meta] Engineering Phase 2 Implementation Roadmap · Issue #120035 · elastic/kibana · GitHub

On Elastic / Kibana I am able to do a wildcard query of course, but it is not very user friendly

where are you in Kibana in this example? Discover?

3

In Kibana I am in the dashboard view, with Control Visualization added for the fields of my data

4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.